Privacy Policy

1 Responsible Authority

We are happy about you visiting our website. We would like to introduce you to the responsible authority in terms of data protection law as applicable:

Atelier Bäcker
Sole proprietor Alexandra Bäcker
c/o Impact Hub Zürich AG, Sihlquai 131
8005 Zürich
Phone: +41764179213
E-mail: [email protected]

2 General Information

Pursuant to our statutory obligations, we would like to inform you about the collection and use of your personal data.

When you use our website, personal data about you will be collected. This may happen by you entering the data yourself, for example your e-mail address. But our system also collects your data automatically, for example whenever you visit our website. This happens irrespective of the device or the software that you use to visit our website.

All data that you enter in our app is provided voluntarily; there are no disadvantages to you if you do not provide data. But without certain data, we are unable to provide services or to conclude contracts. Whenever such information is necessary, we will point it out to you.

On this website, the user’s personal data is only collected within the framework of the existing data-protection law, in particular the General Data Protection Regulation (GDPR). The legal terms used in the text are defined in Art. 4 of the GDPR.

The GDPR allows data processing in three cases in particular:

in accordance with Art. 6 para. 1 (a) and 7 GDPR, when you have consented to us processing your data; in this Privacy Policy and in the cases of consent pursuant to Art. 4 no. 11 GDPR, we will inform you in detail and each time for what purposes and under what circumstances your data will be processed by us;
in accordance with Art. 6 para. 1 (b) GDPR, when processing your personal data is necessary for negotiating, concluding or performing a contract;
in accordance with Art. 6 para. 1 (f) GDPR, if the balancing of interests leads to the conclusion that the processing is necessary to protect our legitimate interests; this means in particular our interests to analyse, optimise and secure the offers on our website – meaning primarily the analysis of user behaviour, setting up profiles for advertisement purposes and storage of access data as well as the use of third-party providers.

2.1 Inventory Data

We collect inventory data as far as it is necessary to establish, negotiate or amend a contract (including one without remuneration) between us and the user. This can be: customer data (for example name, address), contact data (for example e-mail address, phone number), service data (for example services ordered, duration, payment). Upon establishing the user relationship, we will ask you for this data (for example name, address and e-mail address) and will also tell you which of the information is required to establish the user relationship.

2.2 Usage Data

We also collect usage data to allow users to use the services on our website. These may consist of: usage information (for example visited websites or parts, duration of visit, interest in services), content data (for example data, text, images, sounds, videos entered or uploaded by you), meta data (for example identity of your device, location, IP address).

We will only combine usage data if and insofar as it is necessary for billing purposes. Otherwise, we will only put together usage data pseudonymously and only insofar as you have not objected. You may send this objection to the address indicated in the “About Us” section or the responsible authority indicated in this Privacy Policy at any time.

The legal basis for this data processing are our legitimate interests pursuant to Art. 6 para. 1 (f) GDPR in analysing the website and your use, possibly also the statutory permission to store data as part of the negotiation of a contract pursuant to Art. 6 para. 1 (b) GDPR.

3 Hoster

3.1 Digital Ocean

Our Website is presented in the Internet by a service provider. We use the service Digital Ocean, New York, 101 6th Ave, United States. We have concluded a data processing agreement with our provider. With this contract, our provider is obliged to process the data according to our instructions. You can find more information on data processing at our provider in his privacy policy at https://www.digitalocean.com/legal/privacy-policy. The legal basis for this data processing is on the one hand our legitimate interest in a technologically perfect online offering and its design and optimization in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, and, on the other hand, our contractual or pre-contractual legal relationship in accordance with Art. 6 para. 1 (b) GDPR.

Furthermore, our provider stores information, the so-called server log files, each time the website is used; this is information which is automatically transferred by your browser. In detail, this data consists of:

your IP address
type and version of your browser
host name
time of visit
the page from which you came to our page
name of the page opened
exact time of usage as well as
the amount of data transferred

This data will only be used for statistical purposes and do not allow us to identify you as a user.

4 Advertisements

Before sending you advertisements, we will ask for your explicit consent pursuant to Art. 4 no. 11 GDPR, except in cases of advertisements for similar products to the one you already acquired. This will happen in particular when you grant us consent to mail our newsletter or when you fill out a contact form. You may withdraw your consent at any time in accordance with the subsequent section “Consent”.
INSOFAR AS WE USE YOUR PERSONAL DATA FOR DIRECT MARKETING, YOU MAY ALSO OBJECT TO THE USE OF YOUR DATA FOR THAT PURPOSE AT ANY TIME. THIS MAY BE DONE THROUGH ANY OF OUR MEANS OF CONTACT, PARTICULARLY BY E-MAIL TO THE E-MAIL ADDRESS LISTED IN THE “LEGAL NOTICE” SECTION WITHOUT ANY FORMAL REQUIREMENTS. WE WILL THEN NO LONGER USE YOUR DATA FOR DIRECT MARKETING.

5 First Contact through Electronic Request

If you contact us in electronic form (for example by mail, fax, phone, messenger, etc.), we store and process the data which you have given us (for example name, contact information, content of the request). This is based on our legitimate interest in an effective communication with customers in accordance with Article 6 para. 1 (a) GDPR and, as far as it concerns a request to enter into or to perform a contract, also with Article 6 para. 1 (b) GDPR.
We will only pass on this data to third parties as far as required for the performance of the contract (in accordance with Article 6 para. 1 (b) GDPR), by the overwhelming interest in effective services (in accordance with Article 6 para. 1 (f) GDPR) or based on your consent (in accordance with Article 6 para. 1 (a) GDPR) or if there is another legal permission or obligation.
You may ask us at any time and without any cost to provide information about the purpose of the processing, the origin and the recipient, if any, of your data. You may also request that we correct, delete or limit the processing of your personal data. You may object against the (further) processing of your data at any time and you have a right for the data to be made transferable as well as the right to file a complaint with the competent supervisory agency.
In general, your data will only remain stored as long as required by the purpose of the respective data processing. A longer storage is an option, in particular when required in order to pursue our rights, for other legitimate interests of ours or when there is a statutory duty to keep the data longer (for example record-keeping under tax law, statute of limitations).

6 Consent

Whenever we ask you for your consent for the processing of your data, we will inform you in clear language and in an easily accessible way about the cases for which you will be granting your consent. Any consent that we ask you for is voluntary. Any advantage that you wish to gain by granting consent is also available without consent; simply ask us.

Regarding any consent, you have the right to revoke any consent given to us for the processing of your personal data at any time. You just need to contact us without any particular formal requirement, for example through our contact form, an e-mail to the e-mail address indicated in the “About Us” section or a link to unsubscribe (if offered by us). Your withdrawal has no effect on the legality of the data processing carried out up to that point.

7 Storage Period

Generally, your data will only remain stored as long as required by the purpose of the respective data processing. Storage beyond that is possible in particular if it is still required for pursuing our rights or for other legitimate interests of ours.
For your inventory data which were necessary to perform a contract (including one without remuneration), this means that we store this data until the complete performance or termination of the contractual relationship plus the limitation period (which is generally 2 or 3 years) plus an adequate extra time for potential interruptions of the limitation period.
For your usage data which was collected in the course of your use of the website, this means that we will store it only for the time still required for the proper functionality of our website and as long as we still have a legitimate interest. Statistical information will be primarily stored by us in pseudonymous form.
Beyond that, we still store your data for as long as we are required to do so by law. This concerns in particular the tax-law requirements to keep records, usually for 6 or even 10 years.

8 Cookies

8.1 More then essential Cookies

Upon opening the website, we have asked you to consent to the storing of certain cookies which will be placed while you visit our website. Based on your consent pursuant to Art 6 para. 1 (a) GDPR, our website thus uses cookies, so that our offer can be used in a better, more effective and more secure way.
Cookies are text files that are stored on your computer and which store certain data about your user behavior on our page, so that certain features or offers can be made available to you based on your previous use. These can be “session cookies”, which are automatically deleted when you leave our website. Other cookies are stored on your computer permanently until you delete them. That allows us to recognize your browser when you visit our website again and to provide you with features or offers according to your previous usage.

Your browser allows you to prevent the use of cookies in general or in specific cases. Please check the instructions for your browser to find out more about this. You can also delete cookies following these instructions which we have listed for you:

for Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=en
for Safari: https://support.apple.com/en-gb/guide/safari/sfri11471/mac
for Firefox: https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox
for Edge: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
for Internet Explorer: https://support.microsoft.com/en-gb/help/278835/how-to-delete-cookie-files-in-internet-explorer

Blocking cookies may limit the functionality of our website and of other websites visited by you.
More information on this topic, in particular how you can administer, limit or completely disable third-party cookies and technologies with a similar purpose, can be found at:
https://www.aboutads.info/choices
https://www.youronlinechoices.eu
https://www.networkadvertising.org/choices

8.1.1 CookieYes

In order to obtain your consent to store certain cookies on your device and to document this in line with data protection law, and in line with our legal obligations under Art. 6 para. 1 sentence 1 (c) GDPR and our legitimate interest in accordance with Art. 6 para. 1 (f) GDPR, we use the product CookieYes of CookieYes Limited, 3 Warren Yard Warren Park, Wolverton Mill, Milton Keynes, MK12 5NW, United Kingdom.
Upon opening our website, the following data will be sent to CookieYes: your consent or the withdrawal of your consent for placing cookies, a cookie placed in your browser by CookieYes, type and version of your browser, information about your device, the time of your visit to our website as well as your IP address in an anonymized form. Because it is anonymous, collecting the IP address does not link to any person and only serves the purpose of having evidence for the consent granted.
You can find detailed information about the purpose of the collected data and about the privacy policy of CookieYes at: https://www.cookieyes.com/privacy-policy/
If you want to withdraw your consent, simply delete the cookie in your browser. For information on deleting cookies, we refer you to the chapter “cookies” in this privacy policy. If you re-enter/reload our website, you will be asked for your consent to place cookies again. Alternatively we offer an opt out right here.

9 Transfer of data

9.1 Transfer to Third Parties

We dislike spam as much as you do. We will therefore not transfer your data to third parties, unless permitted by law.

Transfer of customer data may either

be required for the performance of a contract and in that case be permitted according to Art. 6 para. 1 (b) GDPR, or
be permitted based on our legitimate interest in an effective service structure pursuant to Art. 6 para. 1 (f) GDPR, or
covered by your consent pursuant to Art. 6 para. 1 (a) GDPR, or
become necessary if we will be legitimately asked by a government or an agency to hand over your data pursuant to Art. 6 para. 1 (c) GDPR.

If your data are transferred to third parties, this is mentioned in this privacy policy.

9.2 Transfer to other countries, particularly USA

Our website uses external providers located outside of the EU for different features. In particular, the use of cookies, active Java scripts and other technology can lead to processing and storage of your data outside of the EU. But we will not transfer your data to a third country, unless the EU Commission has determined that there is a similar level of data protection as in the EU or unless you have provided us with your informed consent or we have agreed on the standard contractual clauses for the protection of your data with the provider.

10 Users‘ Rights

You may request us anytime to provide information about the personal data stored about you free of charge. To avoid misuse, this will require personal identification.

10.1 Deletion, Correction, Limitation

You may at any time demand from us that we correct (or complete) incorrect data as well as a limitation of the processing of data or deletion of your data. This applies in particular if the reason for processing the data is no longer valid, if a required consent has been revoked and there is no other legal basis or if our data processing is unlawful. We will then correct, block or even delete your personal data without delay as far as permitted by law.

10.2 Objection

The right to object to advertisement is governed by our text regarding consent:
Regarding any consent, you have the right to revoke any consent given to us for the processing of your personal data at any time. You just need to contact us without any particular formal requirement, for example through our contact form, an e-mail to the e-mail address indicated in the “About Us” section or a link to unsubscribe (if offered by us). Your withdrawal has no effect on the legality of the data processing carried out up to that point.

10.3 Data Transfer

You may request us to transfer the data stored about you in machine-readable form.

10.4 Complaint

If you feel that our data processing has violated any of your rights, you may file a complaint with the competent regulatory agency (here you find a list of the agencies).

11 Changes to the Privacy Policy

If and when factual or legal reasons will compel us to amend the Privacy Policy, we will update this page accordingly. This will not change the consent provided by the user.

12 Data Entry

12.1 Encryption of Data Entry

When you enter data on our website, whether in a contact form, during the registration process, when you log in or for payment purposes, the website, where you enter the data, is encrypted. Thus, third parties can not read what you enter. You will recognise the encryption by the lock symbol in your browser and by the URL beginning with “https“ instead of “http“.

12.2 Contact Forms

12.2.1 General contact form

When you fill out a contact form or when you send us an e-mail or another electronic message, your information will be stored for the processing of the request, for possible follow-up questions or for other related questions and will only be used to follow up with the request.

Your data will be transferred in an encrypted manner, preventing third parties from reading your data while it is being entered.

Basis for this storage is the safeguarding of our legitimate interests in regard to communication with interested users pursuant to Art. 6 para. 1 (f) GDPR and in the case of inquiries prior to entering into a contract also the performance of a contract pursuant to Art. 6 para (b) GDPR.

Your data remains stored for as long as the processing of the request requires, in particular as long as the storage is still necessary to perform the contract, to pursue our rights or for our other legitimate interests or we are compelled by law to keep your data stored (for example based on tax-law requirements to maintain files).

13 Blog / Comments

13.1 Comments

If you comment something on our page, we will save your IP address to make sure that only lawful comments will be published. After reviewing and allowing the comment by us, this data will be deleted. We will also save your comment as well as the information entered together with it (for example user name or e-mail address).

Basis for this storage is your consent pursuant to Art. 6 para. 1 (a) GDPR, which you provide to us by filling in the comment field. You may revoke this consent at any time, you just need to contact us without any particular formal requirement (for example by unsubscribing, contact form or e-mail). This withdrawal has no effect on the legality of the data processing that has occurred up to that point.

Your data remains stored for as long as the comment is saved, for as long as required for us to pursue our rights or for our other legitimate interests or for as long as we are required by law to keep your data.

13.2 Gravatar

With the standard settings, WordPress also uses Gravatar to attribute an avatar to you. In that process, your IP address is transmitted. For reasons of data protection, we have pseudonymised the Gravatar feature.

14 Newsletter

14.1 ConvertKit LLC

If you subscribe to the newsletter offered on our page, we will inform you in detail about the information we will send you, which of your data will be stored and for what it will be used. We will not pass on your data to third parties and we will only use it for mailing the newsletter.

We will only mail you the newsletter if you have provided us with prior consent. To that purpose, you will receive an e-mail from us with a link and further details and we will ask for your consent. By confirming that link, you declare your consent to receive the newsletter and advertisement from us.

The basis for the storage is your consent pursuant to Art. 6 para. 1 (a) GDPR, which you grant us when you register for the newsletter. You may withdraw that consent at any time, for which any notice to us, without any formal requirement, is sufficient (for example through the contact form or by e-mail or by using the link to unsubscribe, which is included in each e-mail). This withdrawal has no effect on the legality of the data processing carried out up to that point.

Because we are legally required to record your consent as part of the double opt-in, your subscription to the newsletter, the mailing of our consent e-mail and your consent by clicking on the link will be recorded and stored with location and time as well as with your IP address.

For mailing the newsletter, we use (as part of our legitimate interest in a technologically perfect processing of our customer data and analysis) the provider
{newsletter_newsletterandere_usa_company}
https://convertkit.com/.

Thus, your data will be forwarded to the USA.

In our newsletter, we will also explicitly ask you to provide your consent to transmitting data to our newsletter provider and to the USA. You will declare this consent by clicking on the link, but you may revoke it at any time. For the handling of your data by our newsletter provider, we refer you to our newsletter provider’s privacy policy (insert link). Our newsletter provider will only use your data for mailing the newsletter and for evaluating that mailing on our behalf. In addition to that, our newsletter provider will only use your data to improve its own service. But our newsletter provider will not use the data to contact you directly or to pass on your data to third parties.

The mails used by our newsletter provider contains a “web beacon“, which will inform our newsletter provider about the opening of the newsletter and/or the clicking on a link contained therein by you. As part of that process, information regarding your browser, your location and your IP address will be transmitted to our newsletter provider. This information will be used to optimise our communication with you.

Our newsletter provider will also use this data, but only in a pseudonymous form (meaning that they cannot identify you) to analyse and optimise their own services. Your data will never be used by the newsletter provider in order to contact you.

Your data will remain stored for as long as you are in our mailing list, as long as the storage is required to enforce our rights or as long as it is necessary for our legitimate interests or as long as we are required by law to keep your data stored.

15 Social Media

15.1 Social Media Links

15.1.1 General Information

We refer with links to our social media presences. When you follow any such link to the social media site, your data will be broadcasted to that site. The social media site will normally store a cookie in your browser and to your account information there, especially, if you are logged into your social media account on the site. The social media site can analyse your use of the platform and your browsing habits and will use these for targeting advertisements based on your interests. That can lead to ads being shown to you when browsing in- and outside of the social media site. Please inform yourself about the use of your data on these sites and use them only, when you agree to that use of your data, that happens on that social media site, in particular, when you are not using that social media site for the first time. We have added links to all the privacy policies of the social media site for your information.

15.1.2 Facebook

Our website uses links to our presence in the social network of Facebook by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland. It is just a normal link. Thus, when you open our site, Facebook will not learn of your visit to our website. But once you click on the link, you will be led to Facebook, allowing Facebook to learn that you have visited out site.
Your data will be forwarded by Facebook Ireland on the base of the standard contractual clauses to Facebook USA. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.

The collection and use of your data which is possibly carried out by Facebook after clicking on the link is beyond our knowledge or control. You may find further information in Facebook’s privacy policy at https://en-gb.facebook.com/policy.php.

15.1.2.1 ManyChat

For our communication, we use a chatbot provided by Manychat Inc., One International Place, 535 Mission St, San Francisco, CA 94105, USA. This chatbot can be found and operated through Facebook Messenger.

The legal basis for our use of the chatbot is different, depending on the respective use of the chatbot. Requests regarding our offers will be processed on the basis of contractual data in accordance with Article 6 para. 1 (b). If we have contacted you via chatbot and asked you to consent to communication with our chatbot and with us, we will process your data based on this consent in accordance with Article 6 para. 1 (a) GDPR. We also use the chatbot based on our legitimate interest in accordance with Article 6 para. 1 (f) GDPR in a fast, technological and always available communication with users and customers.

If you send messages to our chatbot, Facebook will send us personal data about you. In particular, this will concern your Facebook identity. That allows us to see your public information on Facebook. But we will only use this data for your communication with the chatbot. We also store your communication with us in accordance with the general information in this privacy policy. This data will always be anonymised by us.

If you have requested recurring messages in the chatbot, you can always turn off the communication with certain messages in the future. The chatbot will show you the messages to be sent each time. This will remove your Facebook ID from the list of recipients. Also, your records up to that time will be anonymised.

By using the chatbot of ManyChat, the data mentioned will also be sent to ManyChat. Thus, your data will be sent to the USA.

For the handling of your data with ManyChat, we refer you to the privacy policy of ManyChat. ManyChat will only use your data for sending messages and for analyzing the messenger on our behalf. Additionally, ManyChat will only use your data to improve their own services. But ManyChat will not use the data to contact you directly or to pass on your data to third parties.

You can only use Facebook Messenger if you are a user of the social media platform Facebook. For the consequences thereof, we refer you to the section “Fan Pages”, “Facebook” in this privacy policy.

15.1.3 Instagram

Our website uses links to our presence in the social network of Instagram by Instagram LLC, now Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland.

It is just a normal link. Thus, when you open our site, Instagram will not learn of your visit to our website. But once you click on the link, you will be led to Instagram, allowing Instagram / Facebook to learn that you have visited out site.
Your data will be forwarded by Meta Platforms Ireland on the base of the standard contractual clauses to Meta Platforms USA. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.

The collection and use of your data which is possibly carried out by Instagram/Facebook after clicking on the link is beyond our knowledge or control. You may find further information in Instagram’s privacy policy at
https://privacycenter.instagram.com/policy.

15.1.4 Pinterest

Our page uses links to our presence on the social network Pinterest, provided by Pinterest, Inc., 808 Brannan St, San Francisco, CA 94103, USA.

It is just a normal link, which means that upon opening our page, Pinterest won’t learn anything of your visit to our website. But when you click on the link, you will be taken to Pinterest, and then Pinterest will also learn that you visited our page.

Thus, your data will be forwarded to the USA.

However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. According to the GDPR and the EuGH, this is a legal basis for the transfer of data to the USA. This applies in particular since the US Presidential Decree of 07.10.2022.

We have concluded an data processing agreement with this provider, according to which this provider will only process your data on our behalf within the scope of the GDPR and according to our instructions. Further information can be found in Pinterest’ privacy policy at https://policy.pinterest.com/en/privacy-policy.

15.1.5 YouTube

Our website uses links to our presence in the social network of YouTube by YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. It is just a normal link. Thus, when you open our site, YouTube will not learn of your visit to our website. But once you click on the link, you will be led to YouTube, allowing YouTube to learn that you have visited out site.

The data collected by Google may be transferred by Google to countries outside of the EU, in particular to the USA.

However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.

You may find further information in YouTube’s privacy policy at
https://www.google.de/intl/de/policies/privacy/.

15.2 Social Media Videos

15.2.1 Youtube (Two Click)

Based on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR we use YouTube, a service provided by YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland in order to embed videos.
To protect your data, we have installed a two-click solution. That way, Google won’t learn about your visit once you access our website, but only once you actually click the button. If you confirm the plugin while being logged in at YouTube, Google may attribute your use to your user account.

The data collected by Google may be transferred by Google to countries outside of the EU, in particular to the USA.

However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.

We have concluded an data processing agreement with this provider, according to which this provider will only process your data on our behalf within the scope of the GDPR and according to our instructions.
You may find further information in YouTube’s privacy policy at
https://www.google.de/intl/de/policies/privacy/.

Regarding the general approach to cookies and their deactivation, we refer you to our general information in this Privacy Policy.

16 Social Media Tracking

16.1 Facebook Pixel

If you, when accessing our website, agreed that we may use advertising and marketing cookies such as the Facebook pixel, we use the Facebook pixel for our marketing communication and to analyse the success of our marketing efforts on Facebook. Base is our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR. The Facebook pixel is a service to measure the reach, provided by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland.

The technology applied by the Facebook pixel allows us to measure the reach and the sales made (so-called conversions) based on our ads on Facebook and thus to improve our advertising strategy. It also allows us to target users, who have been to our website previously, with ads on Facebook. We can also use the data to produce so-called custom audiences. This means that Facebook analyses data of users of our website in order to determine persons with similar interests.

The Facebook pixel places a cookie in your computer, which Facebook uses to recognise that you have visited our website if you are logged into Facebook or when you log in again. The data is anonymised for us, we cannot attribute it to you. The data will be forwarded to the USA and stored by Facebook. This provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.

Facebook can connect to your respective user profile. Facebook may use the data for its own advertising purposes in accordance with the Facebook privacy policy (https://www.facebook.com/about/privacy/). If you want to withdraw your consent, send a short e-mail to [email protected]. If you are less than 13 years old, you can not give valid consent. If you are less than 13 years old, please click here [email protected].

Facebook offers you different preferences regarding the remarketing feature and the custom audiences, which you can open here if you are logged into Facebook. If you don’t have a Facebook account, you can also change the preferences through the European Interactive Digital Advertising Alliance and http://www.youronlinechoices.com/de/praferenzmanagement/ prevent being targeted with advertisements.
You can find more information about the usage of your data by Facebook in the privacy policy of Facebook here: https://www.facebook.com/about/privacy. Your data will be forwarded by Facebook Ireland on the base of the standard contractual clauses to Facebook USA.

If you want to disable tracking by Facebook Pixel on our webpage, click here for Opt Out Current status inactive
More information how Facebook deal with your data can you find in the privacy policy of Facebook https://www.facebook.com/about/privacy. Your data will be transmitted from Facebook Ireland on base of standard contratcs of Facebook to the US.

17 Google

17.1 Google Analytics 4

Based on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, we use the Google Analytics tool provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
This helps to analyse the use of websites. In that process, the data can be turned into pseudonymous user profiles. Google uses different technologies for that purpose, which are based on algorithms. In particular the following data will be collected for that purpose: pageviews, scrolls until the end of the page, clicks on external links, website search queries, watching of embedded YouTube videos, file downloads.

Google may transfer the collected data to countries outside of the EU, in particular to the USA. We have concluded a data-processing agreement with Google, according to which Google will only process your information in accordance with our instructions. This data-processing agreement also states that Google may only transfer the data to the USA within the framework of the standard contractual clauses, see the Google Ads Data Processing Terms for further information. The Google Ads Data Processing Terms are available here: https://business.safety.google/adsprocessorterms/.

Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.

Google will automatically anonymize your IP address, which means that information won’t be stored on their hard disk. To ensure an adequate protection of your data, we have also concluded a data-processing agreement with Google, according to which Google will not combine your information with other data collected by Google with the goal of determining your identity.

If you don’t find this sufficient, you can also use the link http://tools.google.com/dlpage/gaoptout?hl=de to download and install Google’s browser plugin to block Google Analytics, which will prevent Google from collecting and passing on your personal data.

You can also prevent being analysed by Google Analytics by using the following link: Deactivate Google Analytics to place an opt-out cookie, which will also prevent the data from being collected.

If you want to read about Google’s privacy policy, please use the following link https://www.google.de/intl/de/policies/privacy/.

17.2 Google Workspace

In the context of our legitimate interest in a technically flawless online offer and its economically efficient design and optimization in accordance with. Article 6 (1) (f) GDPR we use Google Cloud Services(Google Workspace) from Google Cloud EMEA Ltd., 70 Sir John Rogerson’s Quay, D02 R296, Dublin 2, Irland
(„Google“).
Google Cloud and associated software services in the GDPR-compliant GSuite relate to the storage and management of data in the cloud, calendar functions, e-mail software, document creation, spreadsheets and presentations, the exchange of documents with specific recipients, the publication of forms or other content and information, as well as chats and participation in video and audio conferences.

All data you enter in the Google cloud solutions will be entered or displayed (in particular inventory data such as name and email, usage data such as the browser used, websites visited, length of stay, previously visited website and your IP address, content data such as documents, files, contracts, audio and video communication and / or recording, chat history, shared screen content) to Google and saved by Google. We ourselves use settings that are as privacy-friendly as possible, you can also take such precautions. When communicating, you can use aliases or unique email addresses to log in or deactivate your audio and video transmission (in part).

Your data may be transferred to the USA here. However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. According to the GDPR and the EuGH, this is a legal basis for the transfer of data to the USA. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.

We have concluded an data processing agreement with this provider, according to which this provider will only process your data on our behalf within the scope of the GDPR and according to our instructions.

Your data will remain stored insofar as it is still necessary for the purposes of your consent, for contract fulfillment / processing, for legal prosecution by us or for our other legitimate interests or if we are legally required to keep your data.
For more information on the use of your data by Google, please refer to Google’s privacy policy
[https://policies.google.com/privacy?hl=de&gl=de] as well as the further security information on Google’s cloud services [https://cloud.google.com/security/privacy/].

18 Online calendar

18.1 Calendly

Based on our legitimate interest in a technologically perfect online offering and its design and optimization in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, we use the calendar of Calendly https://calendly.com/de, a service offered by Calendly LLC, 1315 Peachtree St NE, Atlanta, GA 30309, USA, to make appointments.

Thus, the data you enter while making an appointment will be passed to Calendly. Your data will be transmitted to the USA in that process.
You can find more information about the privacy policy of Calendly at https://calendly.com/de/pages/privacy. We have entered into a contract on data processing with Calendly, according to which Calendly will only process your data according to our instructions.

In order to arrange an appointment, we ask for the data requested in the Calendly form and we collect your IP address at the time of entry. This data will not be passed to third parties by us or by Calendly and only serves statistical purposes and for arranging appointments. Data entry will be encrypted, preventing third parties from reading your data while you enter it. You will find more information about the data collected by Calendly and how they process your data in the privacy policy of Calendly .

Your data will remain stored as long as the reason for the appointment is still relevant, in particular as long as the storage is still necessary to perform the contract, to pursue our rights or for other legitimate interests of ours or as long as we are required by law to keep your data stored (for example by tax-law requirements on the keeping of records). If the appointment passes without any consequences, your data will be deleted.

19 Videoconferences, Webinare and Onlinemeetings

19.1 Zoom

We use external communication providers (external providers or platforms for our video conferences, audio conferences, webinars or other online meetings and online communication), in this case the provider ZOOM Video Communications Inc., San Jose Office, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. This is based either
– on our contractual or pre-contractual legal relationship in accordance with Art. 6 para. 1 (b) GDPR,
– on your consent if we have obtained that before (for example for a recording) in accordance with Art. 6 para. 1 (a) GDPR or
– on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR.
Each time you use our external communication provider, any data that you enter, indicate or show during the communication (in particular contractual data like name and e-mail, usage data like the browse used, visited websites, duration of the visit, referrer URL and your IP address, content data like audio and video communication and/or recordings, chat protocols, shared screen content) will be transmitted to the external communication provider and stored by them. We use settings that guarantee as much privacy as possible, and you can be careful about your privacy as well. For example, you can register with alias names or with one-time e-mail addresses or (partially) deactivate your transfer of audio and video.

When using this provider, it may happen that your data is transferred to the USA. However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. According to the GDPR and the EuGH, this is a legal basis for the transfer of data to the USA. This applies in particular since the US Presidential Decree of 07.10.2022.

We have concluded an data processing agreement with this provider, according to which this provider will only process your data on our behalf within the scope of the GDPR and according to our instructions.

Your data will remain stored as long as necessary for the purposes of your consent, for performing the contract, to pursue our legal rights or for other legitimate interests of ours or as long as we are required by law to keep your information.
Neither we nor the external communication provider will pass on your data to third parties. Exceptions may be made for analysing the user date for service and security purposes as well as for marketing purposes of the external communication provider. For the further use of your data by the external communication provider, we refer you to their terms and conditions https://zoom.us/terms and the associated privacy policy https://zoom.us/privacy
Insofar as external communication providers store cookies or other trackers on your device, we refer you to our general information about dealing with cookies and deactivating them in this privacy policy.

20 E-Commerce Platforms

20.1 Amazon affiliate programme

Based on our legitimate interest in an economical online offering pursuant to Art. 6 para. 1 (f) GDPR, we take part in the Amazon EU affiliate programmes of Amazon Europe Core S.à.r.l., of Amazon EU S.à.r.l, of Amazon Services Europe S.à.r.l. and of Amazon Media EU S.à.r.l., all four registered at 5, Rue Plaetis, L-2338 Luxembourg, as well as Amazon Instant Video Germany GmbH, Domagkstrasse 28, 80807 München, Germany.

On our website, you find ads by Amazon and links to offers on Amazon. If you click from our website onto an ad or such a link, Amazon will use cookies that are stored on your computer that you have clicked from our website. We will receive an affiliate commission for that.

You can find information about the use of your data by Amazon in Amazon’s privacy policy: https://www.amazon.de/gp/help/customer/display.html/ref=footer_privacy?ie=UTF8&nodeId=3312401

You have the option to choose the preferences for cookies to be placed on your computer or to prevent this completely. On this subject, we refer you to the above information in this Privacy Policy about cookies.

21 Security systems

21.1 reCAPTCHA

Based on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, we use the reCAPTCHA tool provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google“).
The reCAPTCHA tool provided by Google checks if the entries on our website are made by a human or are due to fraudulent automated machine processing and is therefore mainly used in connection with forms. The reCAPTCHA tool uses the following data points to determine that an action was taken by a human and not by an automated bot: IP address of the device used, identification of the browser and the operating system, date and duration of the visit as well as user behaviour, for example mouse movements or other information. The procedure only serves the purpose of fending off spam, DDoS attacks and similar automated attacks. The transmitted IP address will only be connected with information from your Google account if you are logged into your Google account at the time of using Google reCAPTCHA. If you don’t want your data to be transmitted, you simply log out from Google before.
When using Google reCAPTCHA, personal data can be transferred to a server of Google in the USA.

However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. According to the GDPR and the EuGH, this is a legal basis for the transfer of data to the USA. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.

We have concluded an data processing agreement with this provider, according to which this provider will only process your data on our behalf within the scope of the GDPR and according to our instructions.
You can find more information about the use of your data by Google in the privacy policy of Google https://www.google.de/intl/de/policies/privacy/.
If you don’t want your data to be transmitted, you can deactivate Java scripts in your browser or install a blocker which will prevent Java scripts from being executed (for example https://noscript.net). We do however want to point out that this can impair the use of our or other websites.

Based on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, we use the security plugin Wordfence provided by Defiant, Inc., Attn: Legal Department, 1700 Westlake Ave N Ste 200, Seattle, WA 98109, United States, to prevent attacks on our website. Login attempts, logout requests, requests for suspicious URLs, changes to the content of the site and password updates are recorded by the plugin and stored for 30 days in order to block massive requests and attacks on our website.

Information about your use of this website (including your IP address) will be sent to a server of our security plugin in the USA.
However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. According to the GDPR and the EuGH, this is a legal basis for the transfer of data to the USA. This applies in particular since the US Presidential Decree of 07.10.2022.

You can find more information about the use of your data by our security plugin in the privacy policy our security plugin: https://www.wordfence.com/privacy-policy/. Our security plugin cannot be blocked, because that would remove the protection of our website.

22 Customer service

22.1 Customer support Livechat

Based on our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR, we use the US service Live Chat for the live chat on our page, which is provided by LiveChat Inc., 101 Arch Street, 8th Floor, Boston MA 02110 United States of America.

When Live Chat is activated, Live Chat will initially and temporarily collect the IP address to determine the country from which the live chat originates. This allows to offer customer service tailored to the customer’s needs. The IP address is collected for this purpose alone and will not be stored forever by Live Chat.

If you do not want your data to be forwarded to LiveChat, you can prevent the setting of cookies by LiveChat by changing the relevant preferences in your browser. Your browser allows you to disable cookies in general or in specific cases. Please refer to the user manual of your browser for further details. Blocking cookies may limit the functionality of our and other websites that you visit.
You can permanently prevent the placing of cookies in your browser by downloading and installing the plugin linked to hereinafter. Here you can find more information.

Live Chat will also store the communication in the live chats. This can save you from having to make long explanation when you have a request. If you do not want this, you can of course let us know through the contact possibilities mentioned above. We will then immediately delete the live chats that have been stored. We will also delete them once the request has been dealt with, unless we need them to pursue our rights and unless the chat led to the negotiation or the conclusion of a contract and we (need to) store these data as contractual data.

You will find more information about the data protection policy of LiveChat at https://www.livechatinc.com/privacy-policy/ .

23 Payment providers

23.1 PayPal

If you choose one of the payment options of our partner PayPal, provided by PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg, the data entered by you when ordering will be sent to PayPal in order to facilitate the contractual payment. Detailed information about this can be found in the privacy policy of PayPal: https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE

The legal basis for passing on your data to PayPal is primarily the processing of your contractual data according to Art. 6 para. 1 (b) GDPR as well as our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR.

23.2 Stripe

If you choose one of the payment options of our partner Stripe, provided by Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland, the data entered by you when ordering will be sent to Stripe in order to facilitate the contractual payment. Detailed information about this can be found in the privacy policy of Stripe:

https://stripe.com/privacy

The legal basis for passing on your data to Stripe is primarily the processing of your contractual data according to Art. 6 para. 1 (b) GDPR as well as our legitimate interest in a technologically perfect online offering and its design and optimisation in an economically efficient manner pursuant to Art. 6 para. 1 (f) GDPR.

24 Cloud Storagesolutions

24.1 Microsoft 365

For data processing, we use the cloud solution Microsoft 365, provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (hereinafter „Microsoft“).

The legal basis for this data processing is
– our contractual or pre-contractual legal relationship in accordance with Art. 6 para. 1 lit. b GDPR, as well as
– our legitimate interest in a technologically flawless online presence and its economically efficient design and optimization according to Art. 6 para. 1 lit. f GDPR.
As we use Microsoft 365 as a cloud solution, it is possible for Microsoft to learn of our data. This includes data that can identify a person with a manageable amount of effort (“personal data”). In principle, this personal data is all data that you share with us on the occasion of the use of the website and in connection with our general communication and which we then process, or enter, using Microsoft 365.

This may include contact information (such as email address or phone number), billing information (name, billing address, payment method, and bank account information), information about related third-party accounts (such as the email address or username for a related PayPal, Google, or Facebook account), scanned identification documents provided to us (such as an ID card, driver’s license, passport, or official company registration documents), and any other personal information (if you have provided it to us). However, Microsoft will not evaluate or use this data under the terms of the contract for data processing.

This may result in data being transferred to the USA. However, we have ensured that your data is only transferred to the USA on the basis of a contract in accordance with the standard contractual clauses. According to the GDPR and the EuGH, this is a legal basis for the transfer of data to the USA. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.

We have concluded an data processing agreement with this provider, according to which this provider will only process your data on our behalf within the scope of the GDPR and according to our instructions.

We have also set Microsoft 365 to store your data exclusively on servers in Germany or the EU. More information about the location of the stored data can be seen here: https://www.microsoft.com/licensing/terms/product/PrivacyandSecurityTerms/all
If you would like to learn more about Microsoft’s privacy precautions, please use the following link: https://privacy.microsoft.com/de-de/privacystatement.

25 CRM and Marketing

25.1 Convertkit

Based on our legitimate interest in a technologically flawless online presence and its economically efficient design and optimization according to Art. 6 para. 1 lit. f GDPR and – as far as the storage of data for the initiation or from the conclusion of a contract with you is concerned – on the basis of the permission to process contractual data according to Art. 6 para. 1 lit. b GDPR, we use the integrated hosting and email marketing solution provided by ConvertKitt LLC, 750 W Bannock St #761, Boise, ID 83702, USA (hereinafter “Convertkit”).

Convertkit Newsletter
We use Convertkit for our newsletter and mailings as part of our legitimate interest in providing commercially-efficient customer communications. If you order the newsletter offered on our site, we will inform you in detail about the kind of information you will receive, which data of yours is stored and what it is used for. We will not pass on your data to third parties and will only use it for mailing the newsletter.

We will only send the newsletter to you if you have previously given us your consent to do so. For this purpose, you will receive an e-mail from us with a link and more detailed instructions and a request for your consent. By clicking on this link, you agree to receive the newsletter and advertising from us.

The basis for the storage is your consent according to Art. 6 para. 1 lit. a GDPR, which you give us with the registration for the newsletter. You can revoke this consent at any time by sending us an informal message (e.g. by contact form or e-mail or unsubscribe link in every e-mail). This revocation does not affect the legality of the data processing carried out up to that point.
Since we are legally required to log your consent as part of the so-called double opt in, your ordering of the newsletter, the sending of our consent mail and your consent by clicking on the link will be logged and stored according to place and time as well as with your IP address.
The data used by Convertkit contains a “web-beacon” that sends the opening of the newsletter and/or the activation by you through a link contained therein to Convertkit. This transmits information about your browser, location and IP address to Convertkit. This information is used to optimize how we interact with you.
Furthermore, our newsletter provider also uses this data, but only in pseudonymous form (i.e. without enabling your identification) to analyze and optimize its own service. However, your data will never be used by the provider to contact you.
Your data will remain stored as long as they are stored in our e-mail list, as long as the storage is necessary for us to pursue our rights or for our other legitimate interests, or as long as we are required by law to retain your data.

Convertkit Hosting / E-Mail Marketing
Based on our legitimate interest in a technologically flawless online offering and its economically efficient design and optimization, we use Convertkit for hosting our website pursuant to Art. 6 lit. f GDPR. Convertkit collects usage data in the same way as any other hoster. This includes identified and unidentifiable data on the occasion of your visit to our website. This is either provided to Convertkit or collected automatically through the use of Convertkit services (“non-personal data”).

Non-personally identifiable information does not allow Convertkit to determine from whom the information originated. Non-personal data is technological and usage information, such as visitors’ and service users’ browsing and clickstream behavior, session heatmaps and scrolls, and non-identifying data about the user’s or visitor’s device used, operating system, browser, screen resolution, language and keyboard settings, internet service provider, referring/exit pages, date/time stamp, and so on.

However, as a hoster, Convertkit also collects data that can identify a person with a manageable amount of effort (“personal data”). This personal data is in principle all data that you enter on the occasion of using the website. It may include contact information (such as email address or phone number), billing information (name, billing address, payment method, and bank account information), browser or user session information (IP address, geographic location, and/or unique terminal identifier), information about related third-party accounts (such as the email address or username for a related PayPal, Google, or Facebook account), scanned identification documents provided to us (such as an ID, driver’s license, passport, or official company registration documents), and any other personally identifiable information.
Convertkit also takes physical, electronic and procedural safeguards to protect your personal information.

We also use Convertkit as an e-mail marketing system on the basis of permission to process contractual data. In this case, we store all data that you have transmitted to us for the purpose of initiating or concluding a contract, in particular your name, your contact data, payment data, if applicable, as well as purchased products. This data remains stored by us as long as we still need it for the processing of the contract (in particular warranty period) or for a legally prescribed storage period (in particular tax-relevant data).

In the context of both types of use of Convertkit, your data may be transferred to the USA. We have concluded a data processing agreement with Convertkit, according to which Convertkit will only process your data according to our instructions. This agreement also provides that the transfer of data to the USA by Convertkit will only occur under the standard contractual clauses. Furthermore this provider is certified according to the EU-US Data Privacy Framework. This means that the transfer of data to the USA is possible in a legally secure manner on the basis of the adequacy decision concluded on 10.07.2023.

If you would like to learn more about Convertkit’s privacy arrangements, please use the following link: https://convertkit.com/privacy.

26 Fonts

26.1 Google Fonts

Built with Datenschutz Generator of https://easyrechtssicher.de

This is our current valid privacy policy from 28.08.2023